Online or electronic security is a major issue in the industry. It seems a month does not go by without news of some major business having a security breach. Such breaches include government agencies, retail outlets, social media companies, and even major banks.
Whenever an enterprise believes that a secure fix to remedy a breach has been deployed, hackers quickly figure out a new way to breach their systems. In some cases, the breaches are not even within the systems of the enterprise; rather, the breaches can occur over network transmission lines that enter or exit the enterprise systems; the hackers use sniffing techniques to acquire copies of data packets being transmitted over the network lines and find a way to break any encryption being used (assuming encryption was being used).
Advances are being made to combat security issues. For example, in the retail industry where a retailer has to ensure the integrity of financial transactions at Point-Of-Sale (POS) terminals, Secure Input/Output (I/O) Modules (SIOMs) have been deployed within POS terminals. These SIOMs are physical modules integrated into the POS terminals. The SIOM is a gatekeeper that establishes and manages encrypted communications between endpoint devices that support secure communications. The SIOM acts as a traffic cop, enforcing security policies and routing messages across device controllers.
The SIOM and its associated processing are a localized system (within a POS terminal) connected to its endpoint devices over physical mediums, such as RS-232c serial ports, Universal Serial Bus (USB), FireWire, etc. A SIOM manages the security and policies for a single terminal and the integrated endpoint devices (peripherals) for that terminal.
However, many legacy POS terminals lack an integrated SIOM and deployment of a SIOM requires new hardware deployment. Moreover, if a retailer desires the security that a SIOM offers, then each of the retailer's POS terminals would have to have a SIOM installed thereon.
Therefore, there is a need for improved SIOM deployment and access that are independent of the current one-SIOM to one-terminal approach.